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November 1998 Proceedings of the 1998 ACM/IEEE conference on Supercomputing 
(CDROM) 

Publisher: IEEE Computer Society 

Full text available: g] html(52.16 KB) Additional Information: full citation , abstract , references , citinps 

Application development for high-performance distributed computing systems, or 
computational grids as they are sometimes called, requires ' ' grid-enabled" tools that hide 
mundane aspects of the heterogeneous grid environment without compromising 
performance. As part of an investigation of these issues, we have developed MPICH-G, a 
grid-enabled implementation of the Message Passing Interface (MPI) that allows a user to 
run MPI programs across multiple computers at different sites using the same co ... 

Keywords: MPI, MPICH, Message Passing Interface, computational grids, globus, 
metacomputing 
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Drew has been providing computers to students since 1984. Many universities have 
ubiquitous computing programs where students receive a laptop computer as part of their 
educational package. These programs reduce the dependence on and management Issues of 
traditional computer labs, and allow 24x7 computing access to every student at the 
University. Drew also provides Novell Directory Services (NDS) accounts to all of these 
students, and utilizes Novell ZENworks to customize software, personalize ... 

Keywords: LDAP, ZENworks, directory services, eDirectory, laptop programs, 
management, ubiquitous corjiputing 
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June 2005 Mobile Networks and Applications, volume lO issue 3 
Publisher: ACM Press 

Full text available: Ddf(2.43 MB) Additional Information: full citation , abstract , references , index terms 

A serious challenge for seamless roaming between independent wireless LANs (WLANs) is 
how best to confederate the various WLAN service providers, each having different trust 
relationships with individuals and each supporting their own authentication schemes, wfiich 
may vary from one provider to the next. We have designed and implemented a 
comprehensive single sign-on (SSO) authentication architecture that confederates WLAN 
service providers through trusted identity providers. Users select the app ... 

Keywords: authentication, link layer security, policy control, roaming, wireless LAN 
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Divyangi Anchan, Mahmoud Pegah 

September 2003 Proceedings of the 31st annual ACM SIGUCCS conference on User 
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Publisher: ACM Press 
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It has been our effort at Ringling school to provide our campus community with the 
capability to uniformly access resources across multiple platforms. Empowering the user 
with a single sign-on capability has multifold benefits. It greatly improves user experience 
and relieves the user from the burden of remembering multiple user-id and password pairs 
On the administrative side, help desk costs are noticeably reduced and security improved, 
as users are not tempted to 'store' multiple passwords i ... 

Keywords: LDAP, RFC, account synchronization, active directory (AD), active directory 
service Interfaces (ADSI), password synchronization, single sign-on 
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Publisher: Kluwer Academic Publishers 

Full text available: ^ pdf(2.90 MB) Additional Information: full citation , abstract , references , index terms 

iMobile^ is an enterprise mobile service platform that allows resource-limited mobile devices 
to communicate with each other and to securely access corporate contents and services. 
The original IMobile architecture consists of devlets that provide protocol Interfaces to 
different mobile devices and infolets that access and transcode information based on device 
profiles, il^obile Enterprise Edition (iMobile EE) is a redesign of the original iMobile 
architecture to address the security, ... 

Keywords: content transcoding, middleware, mobile devices, mobile enterprise, mobile 
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terrns, review 

Current approaches to access control on the Web servers do not scale to enterprise-wide 
systems because they are mostly based on individual user identities. Hence we were 
motivated by the need to manage and enforce the strong and efficient RBAC access control 
technology in large-scale Web environments. To satisfy this requirement, we identify two 
different architectures for RBAC on the Web, called user-pull and server-pull. To 
demonstrate feasibility, we im ... 

Keywords: WWW security, cookies, digital certificates, role-based access control 
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Publisher: ACM Press 
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This paper presents Virgil, an automatic access point discovery and selection system. Unlike 
existing systems that select access points based entirely on received signal strength, Virgil 
scans for all available APs at a location, quickly associates to each, and runs a battery of 
tests to estimate the quality of each AP's connection to the Internet. Virgil also probes for 
blocked or redirected ports, to guide AP selection in favor of preserving application services 
that are currently In use. Resu ... 

Keywords: 802.11, access point selection, opportunistic connectivity, public networks, 
wireless networking 
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Mobile services and technolo g y track: A conceptual approach to information security in || 
financial account aggregation 

Manish Agrawal, Hemant Padmanabhan, Lokesh Pandey, H. R. Rao, Shambhu Upadhyaya 
March 2004 Proceedings of the 6th international conference on Electronic commerce 

ICEC '04 
Publisher: ACM Press 

Full text available: ■Q.BdfCLZlTOJCB) Additional Information: full citation , abstract , references 

An important dimension of mobile computing is the ubiquitous and location-independent 
availability of data. Aggregation is the ability to electronically access and display personal 
account information from disparate sources through a single identity. The client financial 
data is assembled in an organized format providing meaningful summarization and analysis. 
The prevalent methods of aggregation pose issues in information security and assurance. 
Utilizing advances in Internet technology such as ... 
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11 Access control with IBM Tivoli access manag er 2 
^ Gunter Karjoth 
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Issue 2 
Publisher: ACM Press 
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Web presence has become a l<ey consideration for the majority of companies and other 
organizations. Besides being an essential Information delivery tool, the Web is increasingly 
being regarded as an extension of the organization itself, directly integrated v\/ith its 
operating processes. As this transformation takes place, security grows In importance. IBM 
Tivoli Access Manager offers a shared infrastructure for authentication and access 
management, technologies that have begun to emerge in the com ... 

Keywords: Access control, WWW security, Web servers, authorization management 



'•2 A case study: implementing novell identity management at Drew University ^ 
E. Axel Larsson 

November 2005 Proceedings of the 33rd annual ACM SIGUCCS conference on User 

services SIGUCCS '05 
Publisher: ACM Press 

Full text available: '^ pdf(271.44 KB) Additional Infomnation: full citation , abstract , references , index terms 

Starting in 2003, Drew University began a process to replace Its manual account 
management procedures with an automated provisioning system based upon Novell 
technologies. Over the past two years, the scope of this project has expanded beyond 
managing network accounts, to include providing Identity and data integration services for a 
wide variety of third-party and hom6-grown applications encompassing everything form our 
campus ID card system to an admitted students' portal.This paper will prese ... 

Keywords: DIrXML, active directory, directory services, eDirectory, identity management, 
novell, password management, single sign on 
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o perating s ystems' authentication 

Arslan Bromme, Marcel Kronberg, Oliver Ellenbeck, Oliver Kasch 

March 2002 Proceedings of the 2002 ACM symposium on Applied computing 

Publisher: ACM Press 

Full text available: ^ pdf(675.28 KB) Additional Information: full citation , abstract , references , index terms 

This paper presents a conceptual framework for testing the implementation of biometric 
algorithms within Unix and Windows NT/2000 operating systems' login authentication. To 
support the analysis and evaluation of biometric algorithms, a data logging module will be 
used, enabling the collection of quantitative data, e.g. timestamps, biometric raw data, 
{pre)processed data, and return codes from each run of a biometric authentication. It is 
shown how biometric algorithms and a data logging module ... 

Keywords: biometric authentication, evaluation, operating system, robustness, testing 
biometric algorithms 



15 Crisis and aftermath 
^ E. H. Spafford 

>^ June 1989 Communications of the ACM, volume 32 issue 6 
Publisher: ACM Press 

Full text available- 1?l pdf(1.18 MB) Additional Information: full citation , abstract, references , citings, index 
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Last November the Internet was infected with a worm program that eventually spread to 
thousands of machines, disrupting normal activities and Internet connectivity for many 
days. The following article examines just how this worm operated. 

16 Ap plications: YouServ: a web-hostin g and content sharin g tool for the masses 
Roberto J. Bayardo Jr., Rakesh Agrawal, Daniel Gruhl, Amit Somani 
May 2002 Proceedings of the 11th international conference on World Wide Web 

Publisher: ACM Press 

Full text available- 153 df(238 48 KB) Additional Information: full citation , abstract , references , citing s, index 

= terms 

YouServ is a system that allows its users to pool existing desktop computing resources for 
high availability web hosting and file sharing. By exploiting standard web and internet 
protocols (e.g. HTTP and DNS), YouServ does not require those who access YouServ- 
published content to install special purpose software. Because it requires minimal server- 
side resources and administration, YouServ can be provided at a very low cost. We describe 
the design, implementation, and a successful intrane ... 

Keywords: decentralized systems, p2p, peer-to-peer networks, web hosting 
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January 1996 ACM SIGSOFT Software Engineering Notes, volume 21 issue 1 

Publisher: ACM Press 

Full text available: 'Qpdf (2.54 MB) Additional Information: full citation 



18 extreme de plo yment: distributin g and confi g urin g 450 student la pto ps in five hours li 
E. Axel Larsson, Russell Sprague 

October 2004 Proceedings of tlie 32nd annuai ACM SIGUCCS conference on User 




http://portal.acm.org/results.cfm?CFID=177002&CFTOKEN=60485664&adv=l&COLL=AC... 9/4/06 



Results (page 1): +single +sign-on, +update +password, +new +password, +application +... Page 6 of 6 



services 
Publisher: ACM Press 
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Drew University has been recognized as a leader in Ubiquitous Computing since 1984, with 
the introduction of our Computer Initiative program, distributing more than 450 notebook 
computers to incoming students. 

Drew's first Windows XP implementation did not register student computers into an Active 
Directory domain, instead opting for an unmanaged local account, which caused many 
support issues. By contract, having the computers in the domain would mean that users 
would not need a sepa ... 

Keywords: Microsoft, PHP, XML-RPC, active directory, apache, deployment, imaging, 
ubiquitous computing, windows 

19 Centralized authentication with Kerberos 5. Part I il 

AlfWachsmann 

February 2005 Linux Journal, volume 2005 issue 130 
Publisher: Specialized Systems Consultants, Inc. 

Full text available: g) html(28.16 KB) Additional Infonnation: full citation , abstract , index terms 

The road to single sign-on begins with a robust authentication server. This series gives you 
a recipe for rolling out the well-tested Kerberos suite. 

20 A rule-based framework for roie-based dele g ation and revocation 2 

#Longhua Zhang, Gail-Joon Ahn, Bei-Tseng Chu 
August 2003 ACI^ Transactions on Information and System Security (TISSEC), volume 6 

Issue 3 
Publisher: ACM Press 



Delegation is the process whereby an active entity in a distributed environment authorizes 
another entity to access resources. In today's distributed systems, a user often needs to act 
on another user's behalf with some subset of his/her rights. Most systems have attempted 
to resolve such delegation requirements with ad-hoc mechanisms by compromising existing 
disorganized policies or simply attaching additional components to their applications. Still, 
there Is a strong need in the large, distrib ... 

Keywords: Role, access control, delegation, revocation, rule-based 
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